[Python-Dev] Capabilities in Python
Jim Fulton
jim@zope.com
Mon, 10 Mar 2003 06:31:16 -0500
Mon, 10 Mar 2003 06:31:16 -0500
- Previous message: [Python-Dev] Capabilities in Python
- Next message: [Python-Dev] Capabilities in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Guido van Rossum wrote: > [Jim] > >>You don't need restricted execution to make proxies work. > > > Um, I think that's a dangerous mistake, or a confusion in terminology. All I'm saying is that the proxy mechanism itself doesn't rely on restricted execution. > Without restricted execution, untrusted code would have access to > sys.modules, and from there it would be able to access > removeAllProxies. All we need to be able to do is control imports. It turns out that to prevent access to sys.modules, we have to replace __builtins__, which has the side-effect of enabling restricted execution. You don't need anything but the ability to restrict imports and other unproxied access to sys.modules to use proxies. Jim -- Jim Fulton mailto:jim@zope.com Python Powered! CTO (888) 344-4332 http://www.python.org Zope Corporation http://www.zope.com http://www.zope.org
- Previous message: [Python-Dev] Capabilities in Python
- Next message: [Python-Dev] Capabilities in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]